<?php  
include_once("./com.php");
error_reporting(E_ALL^E_NOTICE^E_WARNING);
date_default_timezone_set("PRC");
session_start();
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
/**
 * 后台管理员操作处理代码
 */
// 引入项目初始化文件
//require '../include/init.php';

// 获取操作的标识act的值
$act = isset($_GET['act']) ? $_GET['act'] : $_POST['act'];
// 处理非法操作
$action = ['logout', 'dologin', 'password', 'profile'];
if(!in_array($act, $action)){
	msg('非法操作');
}

// 后台处理登陆
if($act == 'dologin'){
	$username=$_POST['username'];
	$password=$_POST['password'];
	if($username!=""){
		$sel="select * from admin where aname='$username'";
		$ser=mysql_query($sel);
		if(mysql_num_rows($ser)>0){
			if($password!=""){
				$res="select * from admin where apassword='$password' and aname='$username'";
				$tre=mysql_query($res);
				if(mysql_num_rows($tre)>0){
					$_SESSION['username']=$username;
					$_SESSION['password']=$password;
					echo"<script>
					alert('登录成功')
					location.href='index.php'
					</script>";
				}else{
					echo"<script>
					alert('登录失败')
					location.href='./login.php'
					</script>";
				}
			}
		}
		
	}
}
// 退出
else if($act == 'logout'){
error_reporting(E_ALL^E_NOTICE^E_WARNING);
date_default_timezone_set("PRC");
session_start();
	unset($_SESSION['username']);
	header("location:./index.php");
	
}
// 管理员修改密码
else if($act == 'password'){

}
// 管理员修改资料
else if($act == 'profile'){

}

?>